My SAP installation has created a user sapuser, and I am able to login into ABAP Workbench with user:
sapuser/password (user:800)
I am also able to login using the following credentials:
SAP*/PASS (user:800)
However, I am not able to login using the following credentials, why?
eccadm/password (user:800)
DDIC/19920706 (user:000,001)
EARLYWATCH/support (user:066)
I played with DDIC and the logs show:
Password logon no longer possible - too many failed attempts.
Also in TCODE su01 when I enter DDIC user, SAP says:
User DDIC does not exist.
Also when I login through SAPUSER or SAP* and check usr02 table in se16, I see only SAPUSER user created by SAP*:
eccadm is an OS user, that's why you can't login to SAP system with it. Use SAP* or DDIC for initial login in your productive client and then create user accounts.
DDIC password should be your MASTER password, created during installation of the system.
EARLYWATCH user is available only in client 066 per default.
Related
Windows server 2016.
Old users (those, having profiles/folders created at "C:\Users") are able to remote into our server via RDP, but new users are not. Initially the error was The User Profile Service service failed the sign-in. User profile cannot be laoded.
Checking server, it seems "C:\Users\Default" has the only folder/entry "AppData", nothing more. I copied the file "NTUSER.DAT" from similar server "Default" folder. Also, folder permissions are identical.
Now new users are able to login, but it goes to a temporary profile and of course, user's profile at "C:\Users" does not get created.
Event logs does not tell much, basically just confirms login errors/notes we get:
Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
Windows has backed up this user profile. Windows will automatically try to use the backup profile the next time this user logs on.
How this can be solved?
Open the registry editor and go to HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList then find the key where the ProfileImagePath is the profile location of the user that's not being created. Export, then delete that registry key.
I'm trying to change the admin password. I get this error:
invalid authentication ticket
It's a known issue: https://issues.sonatype.org/browse/NEXUS-10252
You need just to change your password within 15 seconds after entering current password.
I have a hack(ethical) and hence alternate but longer way to do this :-)
Steps:-
Create a new admin user(previously logged in using admin default credentials) - different user name, etc, etc
Now login using new(admin) user that you created in step 1.
Delete the previous admin user (the default one)
Again create a new admin user using new credentials
Login using admin user that you just created, and problemo solved :-)
It looked like i was changing the password and something else at the same time. I had to save the profile and then proceed with the password change.
I have successfully set up the FOSUserBundle and the FR3D LDAP bundle to allow my company users to login to the web app with their own login.
From now, if someone logins, they will have the default role, which is ROLE_USER.
However, I only want a specific role to be allowed (in this case it's ROLE_CONSULT, which I created).
What I am doing to allow users at this moment is:
Ask the user to login to the web app
They get the "You have no right to access this web page"
They tell me he connected
I change the user's role to "ROLE_CONSULT" with a form I created within the admin panel.
What I want to do is:
I select the user from the LDAP list
Change the user role (which is not on the database yet, but will be as soon as I change the role)
The user logins successfully
I already developed the 1 and 2 points, but as the "salt" is empty on the database, it doesn't allow the user to connect as it must believe the password isn't correct.
Any idea how I can make it work by telling Symfony2 it is the first login, it will automatically ONLY check the entered password at my LDAP configuration ?
Thanks.
Alright, that was easy.
I just forgot to put the "DN" to the database.
Now it's working.
I am using the Facebook login api in my website, currently I am checking if the FB userid exist in my SQL Server database, if it does, the user is allowed to access my website else he will be directed to the Facebook registration plugin page.
The thing is I am also using aspnetdb which in my web.config authorisation, I block all users accept for users who are logged in and authenticated by the aspnetdb membership provider, hence my problem is for users who uses logs in successfully with Facebook gets block by my app's non-fb login page. How should I go about authenticating users who logs in via Facebook? Thanks.
Facebook login/registration API provides you with the FBUserid, it should be stored in your SQL server DB against the user. If a new user comes to your website and registers via FB, you should generate corresponding user in your database too with some default password (random and different for each user) You can provide the functionality that, if a user registered with FB wishes to user your application's login, you should send him the default password via email and ask him/her to change on first login.
I'm using forms authentication for an app that allows users to register but not active. We will send out an activation code via snail mail (long story) and the user can return with that info and activate their account.
I want to create a page where the user can come back and enter their username, password and generated key to activate the account. The key I have stored in another table and I plan to generate it. I'm having trouble verifying the username and password with an inactive account. I've tried Membership.ValidateUser(username,password) and it fails but if I activate the account, it works.
Ideas on how to check this?
Activate the account first.
If you are sending them the activation code in an email, have a anonymous access page which receives the activation code from the email (perhaps via querystring), activates the account, and redirects them to a login page with forms authentication activated (assuming the username and password are already created).
If the access code is invalid and fails, you can optionally deactivate the account.
I would not set IsActive = false. That is for disabling an account, preventing any type of login. Instead, I do not see a problem leaving them with the ability to login. I would use a Membership Role to specify when a user is verified. I.e. "Verified".
If they have not activated their account and attempt to login, you simply check to see if they have the Verified role. If not, redirect them to a page of "You account is not yet activated. Please wait for snail mail". Or a "Please enter your verification code below." message.
When they do finally enter the proper verification code from snail mail, you simply add them to the Verified role.
This gives you the control of allowing them to login and "check" the status of their account. And, resolves your IsActive issue.